JDK-6804045 : DerValue does not accept empty OCTET STRING
- Type: Bug
- Component: security-libs
- Sub-Component: java.security
- Affected Version: 6u6,7
- Priority: P4
- Status: Closed
- Resolution: Fixed
- OS: generic,linux
- CPU: generic,x86
- Submitted: 2009-02-11
- Updated: 2011-03-07
- Resolved: 2011-03-07
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 7 |
|---|
7 b50Fixed  |
Related Reports
|
Relates :
|
|
|
Relates :
|
|
|
Relates :
|
Description
When creating a DerValue with 04 00 and then try to read the content, an NPE is thrown.
The reason is that buffer is not assigned a non-null value if length == 0:
private DerInputStream init(boolean fullyBuffered, InputStream in)
throws IOException {
....
if (length == 0)
return null;
....
buffer = new DerInputBuffer(bytes);
....
}
public byte[] getOctetString() throws IOException {
byte[] bytes;
....
if (buffer.read(bytes) != length)
....
}
Comments
|